Deny Executable File Modification

This control option prevents the user from performing unauthorized application installations. Doing so, blocks .exe creation and blocks .exe create requests. And, the user or process requesting such actions which are being denied, receive standard Windows error messages that indicate the file is inaccessible. This has the benefit of not alerting the user to the presence of SofTrack and therefore are not aware that their actions being specifically denied rather than some other fault. The user is blocked from a behaviour which they likely know is not allowed but are not aware of the specific method to restrict their access.

The SofTrack Local Workstation Agent can be configured to allow specifically named processes the ability to create and/or modify .EXE. .DLL and .COM files. For instance, you would exercise this option in the case of a computer science lab where students are creating computer programs and therefore require the ability to create .EXE files.

SofTrack's Control features in this section can assist in prevention of spyware downloads and other unwanted software such as trojan horses, worms, virus and so on.

The features in this section are currently available only for Windows®-based workstations and terminal server sessions.

Deny use of improperly named files

Deny execution/launch of any executable file that does not have a proper *.EXE or *.COM filename;

With Windows® servers/workstations it is possible to run an executable file with any extension instead of the usual .EXE or .COM. Because of viruses, worms, trojan horses and similar viral methods may rely on such an attack, SofTrack can help you prevent such access.